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1 Introduction 

Definition 1.1 (Kripke structure). A Kripke structure is a tuple 5" whose first 
component is a non-empty set Q called the universe of ^ and whose remaining 
components are binary relations on Q. We assume that every Kripke structure 
has at least one relation. 

This paper is about Kripke structures that are 

1. inside a relational database. 

2. queried with a modal language. 

At first the modal language that is used is introduced, followed by a definition 
of the database and relational algebra. Based on these definitions two things 
are described: 

1. a mapping from components of the model structure to a relational 
database schema and instance. 

2. a translation from queries in the modal language to relational algebra 
queries. 



2 The modal language 
2.1 Language 

The modal language used is an adaptation of the language used in [FM99j . The 
most prominent difference is the absence of predicates. 

*Work supervised by Balder ten Gate, Institute for Logic, Language and Computation, 
Universiteit van Amsterdam. 
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Definition 2.1 (Lexicon). The lexicon consists of: 

1. basic symbols: ^ A V ^ 3 V ( ) 

2. modal operators: for every accessibility relation tt the modal operators (tt) 
and [tt] 

3. a collection of constants symbols. There are two kinds of 

constants: constants that denote individual objects and constants that 
denote individual concepts. There is a concept constant symbol id, which 
will be given a special meaning in definition 14.11 

4. a collection of variable symbols. Like constants, there are two kinds of 
variables. I'll use lowercase Latin letters x,y,z as object variables and 
lowercase Greek letters 7 as concept variables. 

5. the relation symbols = and ^. 

Definition 2.2 (Term). A term denotes an individual object or concept. The 
definition of term is as follows: 

1. Constants and variables are terms. A term is an object term if it is an 
individual object variable or constant. Similarly for concept terms. 

2. If t is a concept term, J. t is an object term. | t is intended to designate 
the object denoted by t, in a particular state. 

3. Nothing else is a term. 

Definition 2.3 (Formula). A formula expresses some fact about the (possibly 
virtual) reality. A formula without free variables is called a sentence. Sentences 
are the things of which we can say that they are true or false. The definition of 
formula is as follows: 

1. If and t2 are both object term^, then ti = t2 and ti t2 are atomic 
formulas. 

2. If is a formula, then -^Lp is a formula. 

3. If is a formula and tt an accessibility relation, then (7r)(^ and [k\(p are 
formulas. 

4. If Lp and ■0 are formulas, so are ((/s A t/"), {(pW tp), {ip ^p). 

5. If </j is a formula and g is a variable of either kind, then ip and 3g ip 
are formulas. 

6. If is a formula, p is a variable of either kind, and i is a term of the same 
kind as g, then {Xg.ip)(t) is a formula. 

7. Nothing else is a formula. 

^The exclusion of concept terms is intentional. 
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2.2 Semantics 



Definition 2.4 (Augmented Frame). The frames we need to build first-order 
modal models with are enhanced versions of frames used for the semantics of 
propositional modal logic. Let 11 be a set of accessibility relations. An aug- 
mented frame is a structure {Q,{R„\Tr £ 11}, X>o,Dc) that consists of the 
following ingredients: 

1. a non-empty set G of states, (worlds) 

2. for every tt in 11, a binary relation ii^ on ^ x G- 

3. a non-empty set of objects Vo, called the domain of the frame. 

4. Vc is a non-empty set of functions from Q toVg, called individual concepts. 

The domain of an augmented frame is the set of things over which quantifiers 
can range, no matter at which state. TZ will be used as shorthand notation for 

{Rr\r G n}. 

Definition 2.5 (Interpretation). X is an interpretation in an augmented frame 

{Q ^'R,,'Do,'Dc) if X is a mapping that assigns: 

1. to each individual object constant symbol some member of Vq- 

2. to each individual concept constant symbol some member of V^. 

This interpretation gives rise to a constant domain^ that is, a domain (of 
interpreted constants) that is invariable between states. It is assumed that 
individual objects and concepts have unique names. In other words, no two dif- 
ferent constant symbols denote the same object. This allows us to use constant 
symbols to identify objects and concepts and vice versa. 

Definition 2.6 (Model). A first-order modal model is a pair 9Jt = {^,1) where 
3" is an augmented frame and I is an interpretation in it. 

Definition 2.7 (Assignment). Let 9Jl = (i?,I) be a first-order modal model. A 
assignment v in the model 9Jt is a mapping that assigns to each free individual 
object variable some member of Vg and to each free individual concept variable 
some member of Vc. 

Definition 2.8 (Term evaluation). Let ^ = {G,TZ,'Do,'Dc) be an augmented 
frame, 371 = (5^,X) be a model based on 3" and v be an assignment in 9Jl. A 
mapping {v * T) is defined, assigning a meaning to each term, at each possible 
state. Let T G Q. 

1. if p is a variable, {v *l){g,r) = v{g). 

2. if c is a constant symbol, {v * T){c, T) = T{c). 

3. if i t is a relativized term, {v * t, T) = {v * I){t){T). 
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To make reading easier, the following special notation is used. Let gi, . . . , gk 
be variables of any type, and let di, . . . ,dk be members of VgUVc, with di € 
if the variable Qi is of object type, and di e T>c if Qi is of concept type. Then 



abbreviates: 9Jt, T \hv> (p where v' is the assignment that is like v on all variables 
except gi,... gi, and v'{gi) = di, . ..v'{gk) = dk- 

Definition 2.9 (Truth in a model). Let ^ = {Q ,TZ,Vo,T)c) be an augmented 
frame, SOT — (5^,1) be a model based on ^ and w be a assignment in 9Jl. We now 
inductively define the notion of a formula ip being satisfied (true) in SUl at state 
F as follows: 

1 . fm, rih„ ti = t2 iff (i' * I) (ti , r) = (v * i) (t2 , r). 

2. $H,rih, h ^ t2 iff {v*X){tuT) ^ {v*T){t2,r). 

3. 9Jt, r IK -•</2 iff art, r <p. 

4. 9Jl, r ((^ A ^) iff m, r Ih^ and 971, T ^. 

5. m,T\\-y {ipvtp) iff mi,r ih^ ip or m,T\\-^ ip. 

6. scn,rii-„ v'^V'iff^,ri/„(por£cn,rii-„ V- 

7. SOT, r Va; <p iff SOT, T ip[x/d] for all d G Do. 

8. SOT, r Va (/3 iff 9Jl, r lh„ ip[a/d\ for all d G X»c. 

9. an, r lh„ 3x iff an, r lh„ ^[.t/c?] for some d € Do- 
10. art, r lh„ 3a (/? iff SOT, r ll-^, ^[a/d] for some d G De- 
ll, art, r lh„ [7r](/3 iff for all A G S?, if 7r(r, A) then 971, A lh„ 

12. 971, r IK (7r)(^ iff for some A G if 7r(r, A) then a7l, A lh„ <p. 

13. 9rt,ril-„ {Xg.ip){t) if 97l,riK where d = {v *I){t,r). 
Definition 2.10 (Modal query). <p{gi, . . . , gn) is a modal query, iff 

1. is a wff of the modal language. 

2. gi, . . . ,gn are distinct variables of either kind 

3. gi, . . . , gn are the only free variables in ip. 
gi, . . . , gn is called the target list. 
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3 Database and algebra 



We adopt the unnamed conventional perspective of the relational modal, which 
is described in detail in chapter 3 of [AHV95| . The unnamed perspective is 
preferred over the named perspective, because it's easier to work with in the 
translation procedure and correspondence proof later in this section. 

3.1 Database 

Definition 3.1 (Database), dom is a countably infinite set of individual 
objects, relname is a countably infinite set of relation names. A relation 
scheme is a relation name (symbol) R along with a positive integer called the 
degree (arity) of R. If R has degree n, the n attributes of R are identified by 
the numbers 1, . . . ,n. A relation instance I, also associated with a degree n, is 
a finite set of n-tuples. 



symbol 


used for 


t,u 


tuple variables 


a,b,c 


constant symbols 


R,S 


relation names 


I,J 


relation instances 


q 


queries 


R 


database schema 


I 


database instance 



3.2 Relational Algebra 

Five primitive algebra operators form the unnamed relational algebra: projec- 
tion, selection and cross product, union and set difference. The sixth operator, 
intersection, is added because it is the natural algebra counterpart of the con- 
junction logical connective. 

Definition 3.2 (Selection). Let j,k be positive integers and c G dom. Then 
Cj^c and (7j=fc are selection operators. These operators applies to any relation 
instance / with degree(/) > max{j, k}. The operator (Tj=c is defined as follows: 

a,=c(/) = {te I\t{j) = c} 

producing output of degree (/). 

Definition 3.3 (Projection). The projection operator has the form TTji....,j,^ 
where ji , . . . , j„ is a possibly empty sequence of positive integers, possibly with 
repeats. This operator takes as input any relation instance with degree > 
maxjji, . . . , jra}, and returns an instance with degree n, in particular, 

^ju-,jAi) = mji),---,tijn))\tei} 
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Definition 3.4 (Cartesian (cross) product). Let I and J be two relation in- 
stances., witli arities n and m, respectively. The cartesian product returns a 
relation instance with a degree ofn + m and is defined as follows 

I X J ^ {{t{l), . . .,t{n),u{l), . . .,u{m))\t e / and u € J} 

The relation instance {()} behaves as left and right identity: 

^x{()} = {()}x/ = / 

Because cross-product is associative, it can be viewed as polyadic operator 
and written as /i x . . . x /„ . 

Definition 3.5 (Union-compatible). Two relations are union compatible if they 
are of the same degree. 

Definition 3.6 (Union). By adding union to the algebra, it becomes possible 
to express disjunctive information in algebra expressions. Let / and J be two 
relation instances that are union-compatible. The union of / and J, noted /U J, 
is defined as follows: 

/ U J = {t\t e / V i G J} 

Definition 3.7 (Difference). Set difference adds negation to the algebra. Let 

/ and J be two relation instances that are union-compatible. The set difference 
of / minus J, noted / — J, is defined as follows: 

I - J = {t\t G I At ^ J} 

Definition 3.8 (Intersection). Let / and J be two relation instances that are 
union-compatible. The intersection of / and J, noted ID J, is defined as follows: 

InJ = {t\t €l AtGJ} 

Definition 3.9 (Algebra query). The base algebra queries are inductively de- 
fined as follows: 

1. Unary singleton constant : If c G dom, then {(c)} is a query with degree 
1. 

2. Input relation: If i? is a relation, the expression i? is a query with degree 
equal to degree{R). 

The family of algebra queries is inductively defined as follows: 

1. All base algebra queries are algebra queries. 

2. Selection: Let j, k < degree{qi) and c G dom. If qi is a algebra query, then 
crj=c(9i) and aj=k{<li) are algebra queries with degrees equal to degree{qi), 

3. Projection: If qi is a algebra query and each ji,. ■ . ,jn < degree{qi), then 
7rji,...,j„(gi) is a algebra query, with degree n. 
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4. Cross product: If qi, q2 arc algebra queries with degrees n respectively m, 
then qi x 172 is a algebra query, with degree n + m. 

5. Union: If gi, q2 are algebra queries that are union compatible; they are of 
the same degree, then qi U (j2 is a algebra query with degree degree{qi). 

6. Intersection: If qi, (72 are algebra queries that are union compatible, then 
qi n 92 is a algebra query with degree degree{qi). 

7. Difference: If 91,^2 are algebra queries that are union compatible, then 
Qi — g'2 is a algebra query with degree degree{qi). 



4 Translation 

Definition 4.1 (correspondence). Let 971 = {^,T) be a model and £ a bijective 
mapping that assigns to each concept in Vc a number between 1 and |fc|- 
Associated with 9Jl are a unique database schema Rot and instance l<jji for 
which the following condition holds: 

1. Rot = {Sta, Rel, Con, Obj}. 

2. Con has degree 1 and Con{Ifm) = T^c- 

3. Obj has degree 1 and Obj{Ism) = f o- 

4. The domain dom of the database is VcWDqU 11. 

5. The modal language and the database share the same collection of object 
constant symbols. 

6. Unique names are assumed, in particular, the object denoted by a database 
object constant symbol c is equivalent to it's interpretation in the modal 

language T(c) . 

7. degree(S'ta) = |X>c| 

8. r is a state in Q iff there is a tuple (ai, . . . , a„) in S'ta(lOT) such that for 
every i € {!,..., n} holds I{ai) = {v c)(r), where £(c) = i and 
n = degvee{Sta) . 

9. there is a concept named id in Vc such that Sta : id ^ ci . . . Cfe where 
U=i...fe Ci = Vc- id. €{id) = 1. 

10. Dom{typeCode) = H. 

11. Rel has degree 3. 

12. for every n €ll holds: 

7r(r, A) iff there is a tuple (a, 6, c) in Rel{Itxn) such that I{a) = {v 
id){T) and 1(6) = {v*I){l id){A) and I{c) = n. 



7 



Example 4.1. This example shows a model and it's corresponding database 
instance: 



Model: 



id=2 
code=a 



id=l 
code=d 



COMP 



COMP 



COMP ■ 



id=3 
code=b 



id=4 
code=c 



Database: 



Sta 


id 


code 






1 


d 








2 


a 








3 


b 








4 


c 






Rel 


source 


target 


typcCode 




1 




2 


COMP 




1 




3 


COMP 




1 




4 


COMP 



Con 


1 




id 




code 


Obj 


1 




1 




2 




3 




4 




a 




b 




c 




d 



Definition 4.2 (Formula translation). The following translation takes as input 

a query (p{gi, . . . , in the modal language and results in a relational algebra 
expression. The translation consists of a set of syntactic translation rules. 
The basic idea is that each atomic subformula, with free variables Qi, . ■ . ,gn is 
translated to a query on Sta, Obj and Con that has the following structure: 



8 



FT{ip{gi,. 


■,Qn) 


1 


n id 




v{qi) . 


• v{gn) r 



Example 4.2 (no variable query image). The query image of a translated 

formula with no variables looks like this: 



FT{i code = b) 


id 
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Example 4.3 (one variable query image). The query image of a translated 
formula with one variables looks like this 



FT{{i id ^'3 A code = gi)igi)) 


gi id 




b 3 



Conjunctions and disjunctions result in intersections and unions of queries. 
Negation of a query is translated to set difference on Sta. The translation of 
the existential quantifier is done by translating to a query with the quantified 
variable added to it's target list, which is later removed by projection of the 
original target list. The universal quantifier is translated by translating into 
the division of the translation of the remaining subformula of the query, by the 
concept domain Con or object domain Obj. The diamond modal operator is 
translated to a query on Rel. Since the translation doesn't require a specific 
normal form, we can use the dual of the diamond operator to translate the box 
operator. Lambda abstraction is translated using an extra query that captures 
the designation of the relativized term. 

1. Term translations result in attribute index numbers or constants. 

(a) TT{c) = 'c', if c an object constant. 

(b) TT{gk) — k, if g^ is a variable of either kind. 

(c) TT(l t) = n + €{t), if J, t is a relativized term, n is the number of 
variables of the subformula in the current scope. 

2. Variables result in domain relations. 

(a) VT{gi, . . . ,gn) = {()}, if gi, • • • is empty. 

(b) VT{gi, . . . , gn) = Di x . . . x Dn, otherwise, where Di is the relation 
Con, if gi is a concept variable, and Obj if gi is an object variable, 
l<i<n. 

3. (sub)formula translations are translated to algebra queries. 

(a) FT{ {ti = t2){gi, ■ ■ ■ ,gn) ) = T^l,...,n+l'J(TTiti)=TT{t2))iVT{gi, . . . ,gn)X 

Sta) 

(b) FT{ [ti ^ t2){gi, . . . ,gn) ) = 7ri,...,„+iC7(TT(ti)#TT(t2))(^^(^l' ■ • • ^Sn)x 

sta) 
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(c) FT{ ^^{gi,. . . ) = {VT{qu . . . ,Qr,)x7ri{Sta))-FT{^{0i, . . . 

(d) FT{ {tt)(p{0i, . . . ,Qn) ) = 7ri,...,„,„+2CT(„+4=^An+l=n+3)(-PT'(</'(ei, • • • 

Rel) 

(e) FT{ \-k]^{qi, . . . ,Qn) ) = FT{-n{n)^^{gi, . . . ) 

(f) FT{ V . . . ,gn) ) = FTi^igi, . . . ,e„)) U FT{i;{gi, . . . ,^„)) 

(g) FT{ (ip A i,){gu ■ ■ ■ ,gn) ) = FT{^{gi, . . . ,e„)) n FT(^(^i, . . . ,^„)) 

(h) FT{ 3g ip{gi, . . . ,£i„) ) = Tr2,...,n+2FT{g, gi,..., gn) 

(i) FT{ yg ip{gi, . . . ) = TT2,...,n+2U-n2,...,n+2{{VT{g)XTT2,...,n+2U)- 

U), where U = FT{g, gi,...,Qn) 

(j) FT({Xg.(p){t){gi, . . . ,£>„)) = TT2,...,n+2(T{l=n+3An+2=n+4){FT{(p{g, Ql, . . . , £>„))x 

'!^TT(t),lSta ) 

4.1 Examples 

Example 4.4 (Atomic formula, no variables). Here follows the translation of 
the variable free query (| code = 'b'). In this example, the translation of 
xVT{gi, . . . ,gn) with an empty gi,. ■ . ,Qn is given explicitly. In the remaining 
examples, I will omit this explicit translation of empty variable lists and directly 
write S instead of S xVTQ. 

FT{1 code = b) =^ t^i,. ...icr(TTacode)=TT(b)){VT{) x Sta) 
=^ 7ricr2=.b'({()} X Sta) 
=> 'Kia2='b' Sta 

Example 4.5 (Diamond operator, no variables). Here follows the translation 

of the variable free query {COMP){\, code = 'b'). 

FT{{COMP){l code = b)) 7ri,...,o,2cr(4=>coMp.Ai=3)(^7'(i code = b) x Rel) 

=^ 7r2cr(4=.coMP>Ai=3)(7ricr2=.b'(5'ta) x Rel) 

Example 4.6 (Box operator, no variables). 

FT{[COMP]{i code = b)) 

FT{^{COMP}^{l code = b)) 
^ {VT{gi, . . . ,e„) X TTiSta) - FT{{COMP)^{i code = b)) 

TTiSta - (7r2tT(4^.cDMP'Ai=3(-ReZ X FT{^{i code = b)))) 
^ TTiSta - (7r2cr(4=,coMP'Ai=3)(-Re; X iiVT{gi, . . . ,£>„) x TTi_Sta) - FT{{i code = b){gi, . . . ,g„))))) 
=4> TTiS'ta - (7r2cr(4^.cQMP'Ai=3)(-Re^ X {-KiSta — Tria2='h' Sta))) 

Example 4.7 (Predicate abstraction, no variables). Here follows the translation 
of the variable free query {Xy.{COMP){[ code — y)){i code). Note that the 
first translation step introduces a variable. 

FT{(Xy.{COMP){l code = g)){l code)) 

TT2,...,2(T(^l=3A2=i){FT{{COMP){l Codc = g){g)) X T^TT(code)-0,lSta) 
^ 7r2Cr(i=3A2=4)(7ri,...,l,20-5='CDMP'A2=5(-P'7'((J. Codc = g){g)) X Rel) X TT2,lSta) 

7r2<T(i=3/\2=4)(7''l,2CT5='C0MP'A2=5(7''l,2O'TT(ico(ie)=TT(e)(^'7"(f?) X '5'^) X Rel) X 'K2,lSta) 

7r2cr(i=3A2=4)(7ri,2a-5=.caMP'A2=5(7ri,20-3=i(06j X Sta) X Rel) x 'K2,iSta) 
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4.2 Proof of correspondence 

Lemma 4.1. Let Igji he a database instance that is associated with a model 9Jt. 
Then \J-^^^^^^ ,^TTiSta(l^) C Obj{lm)- 

If this was not the case, it would be a violation of definition 14.11 item 4. 

Lemma 4.2. Let Iot be a database instance that is associated with a model 
Then Sta(I^) is not empty. 

This property follows straight from definition 12.41 item 1 and definition 14.11 
item 8. 

Lemma 4.3. Fix a model state pair 971, F. Then for any two arbitrary terms 
ti, t2, assignment v and and object constant i, where i identifies the state in Sta 
such that I{i) = {v *T){1 id,T), the following holds: 

(r>*Z)(ti,r) = (wX)(t2,r) iff {v{gi), . . . ,v{gn),i) e FTiiti ^ t2){gi, . . . ,g„))ilm) 
where pi, . . . , g„ is the list of variables m ti, i2- El 

Proof. Let ti, t2 be terms, v an assignment and u the tuple {v{gi), . . . , v{gn), i) 
such that the following holds: 

u e FT{{ti ^ t2){gu . . . ,gn)){lmi) 
which by translation step 3(a) of definition 14.21 is equal to. 

U e 1^l,...,n+l'y(TT(ti)=TT(t2)){^T(gi, . . . ,gn) X S'to)(Isrn) 

Thus the following equivalence is to be proved: 

{v*T){ti,r) = {v*T}{t2,r) iff u e TTi,...,n+i<y{TT(ti)=TT{t2)){VT{gi, . . . ,gn)xSta){Im)- 

• ti and t2 are both constants. Since there are no variables, u is the tuple 
(j) and Tri,...,„+ia(TT{ti)=TT{t2))iyT{gi, . . . ,gn) x Sta){Im) is equivalent 
with '!TiaTT{ti)=TT{t2)Sta(I(m)- 

=> By definition EH item 2, {v*T){ti,T) = {v*X){t2,r) iS X{ti) = Z(t2). 
By the unique names assumption, ti and t2 are the same constant. By 
definition l4.1[ item 5, this constant exists in the database. Hence TT{ti) = 
TT{t2) and therefore 'JTT{ti)=TT(t2)^io,^w) = Sta{lf3yi). By definition [4TT] 
item 9, M e T^i(JTT(ti)=TT(t2)Sta{l^). 

<^ Suppose that ti and t2 are different constants. Because of the 
unique names assumption, '!TiaTT{ti)=TT{t2)Sto.(Jw) is empty. But 
u S 7ri(7TT(ti)=TT(t2)'5'^«(Ian) and Sta{Ir)yi) is not empty (lemma 14. 2p . 
Therefore ti and t2 are the same constant. By definition 14.11 item 5, this 
constant exists in the modal language. Hence {v*T){ti,T) — {v*2){t2,T). 

■^The object constant symbol i is used on many occasions where is more appropriate. 
Prom the context it should be clear whether the object itself, a number or word that identifies 
a state, or it's (unique) symbol is meant. 



11 



• ti is a constant, ^2 is a relativized concept. For the sake of readability, let ti 
be the constant a and t2 be the relativized concept i c, with €(c) = 2. Let 
u e 7ri,...^„+i(T(TT(ti)=TT(t2))(^^(£'i, • • ■ X Sta)(I<jn). Because there 
are no variables, this is equivalent with u £ '^icr>s_>^2{Sta)(lf)yi), which by 
definition holds iflF (i) e {t[l]\t G Sta{Im) A t[2] = a}, which holds iff 
there exists a tuple t in Sta{I(m) such that t[l] = i and t[2] = a. Because 
T{i) — {v id, r) and by definition 14.11 item 8 this holds iff I{a) = 

c,r). By definition!^ this holds iff (v *I) (a, T) = iv*I){l c,r). 

• ti is a variable, ^2 is a relativized concept. For the sake of readability, let 
ti be the variable g and t2 be the relativized concept ]. c, with £(c) = k. 
Let ?; be any assignment such that {v{g),i) £ FT{{g —I c){g)). This 
is translated to {v{g),i) £ Tri^,,,^n+io-{TT{g)=TTac))iyT{g) x Sta){Im), 
which is further translated and simplified to the equivalent {v{g),i) £ 
T^i.2<7{i=k+i)iObj X Sta){If)yi), which by definition [3?2] is equal to {v{g), i) £ 
{t £ TTi^k+i{Obj X Sta){I^)\t{l) = t{k + 1)}. Because lemma KT\ holds 
on database instance Ifjrt, the set {t\t £ ni^k+i{Obj x Sta){I^) A t{l) = 
t{k + 1)} is equal to the set {t\t £ TTk^iSta{ls)}i}- Hence {v{g),i) is in 
Trk,iSta{I<xn) iff v assigns to g the object denoted by the attribute with 
index k, which corresponds to relativized concept j c. By definition 14.11 
item 8, this holds iff v{g) — (v * c, F), which, in other words, is equal 
to {v*J){ti,T) = iv*I){t2,T). 

• the remaining combinations follow from commutativity and transitivity of 

□ 

Proposition 4.4 (Correspondence). Fix a model state pair 9Jt, F and object 
constant i, such that T{i) = {v * T){[ id, F) Then the following holds 

aJl,F Ihu Lp{gi, gn) iff {v{gi), . . .,v{gn),i) £ FT{ip{gi, gn)){'lw) 

Proof. By induction on the structure of if. 

• Base case: tp is ti —t2, where ti,t2 are object terms. This is lemma l473l 

• Case -i(p{gi, . . . ,gn)'- Assume that 9Jl, F Iht, -193(^1, . . . ,gn)- This holds 

iff an, F f^, if (truth definition) 

iff {v{gi),...,v{gn),i) ^ FT{ip{gi, . . . , gn)){l^) (inductive hypothesis) 

iff («(f?i), . . . , v{g^), i) £ {VT{g) x ^^Sta) - FT{^{g^, . . . , gn)){lm) {dei^ 

iff (^;(^?l),...,^;(£)„),^} ei^r(-(^(ei,...,g„))(lOT) (dcfO item 3(c)). 

• Case {(f A '^){gi, ■ ■ ■ ,gn)- Assume that 9Jl, F Ih^, A i^{gi, ■ ■ ■ ,gn)- This 
holds 

iff m,T\\-y ip and 9Jl, F lh„ -0 (truth definition) 

iff {v{g,), . . . , v{gn), i) £ FT{^{g^, . . . , e„))(lOT) (IH) 

and {v{gi), . . . ,v(gn),i) £ FT{^{gi, . . . , gn))(I^) (IH) 
iff {v{gi),...,v{gn),i) £ FT{(p{gi, . . . , gn)){Im) 

n FT(V(^^l, . . . , gnJKlm) (def [IH) 
iff {vigi),...,vig„),i) £FT{{ifA^){gi,...,g„)){Im) (defEJ item 3(g)). 
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• Case (</3 V ■ • ■ tQti)'- similar to the conjunction case. 

• Case {TT)ip{gi, . . . ,gn)'. Let idr,id^ be shorthand notations for (v * 
T){id,r), {v * X){id, A) respectively. It is easy to see that the object 
constant i is equal to idr- 

^ : Assume that 9Jt, F (7r)(p(gi By the truth definition, 
there exists a A such that 7r(r, A) and 3Jl, A (p{gi, . . . ,gn). By the 
IH, {v{gi),...,v{gn),idA) G FT{Lp{gi, . . . , gn)){I<m)- Since 7r(r, A) and 
because of definition 14.11 item 12, the tuple (idrjidA,'^) G -Re/(Igj;). 
The crossproduct FT{tp{gi, . . . , gn)) x Rel contains the following at- 
tributes: 1, . . . , rt are gi, . . . , p„. n + 1 the id's of the states in which 
the subformula (p is true. At index n + 2 the Rel relation appears 
in the cross product: n + 2 holds the source state, ti + 3 the tar- 
get state and n + 4 the typeCode. Hence {v{gi), . . . ,v{gn),idr) G 
Tri,...,n,n+2(^{n+4=7TAn+i=n+3){FT{(p{gi,...,gn)) X Rel){Im)- Since i is 
equal to ic?r, this means that, {v{gi), . . . , i) G FT{{'K)ip{gi, . . . , gn)){'^m)- 

^ : Assume that {v{gi), . . . ,v{gn),i) e FTi{Tr)ip{gi, . . . , gn))(Im)- Ap- 
plying translation step 3(d) of definition 14.21 gives 

{v{gi), . . . ,v{gn),i) G 7ri,...,„^„+20-(„+4=7rAn+l=n+3) (^^((^(gli, . . . , £»„)) X 

Rel)(Im)- This means there exist tuples t, u in respectively FT((p(gi, . . . , p„))(I(Dt) 
and Rel{Ifm), such that i[n -I- 1] = u[2] and u[3] = tt and u[l] = i. Let 
u[2] = z^A. Since i — id/^ and by definition 14.11 item 12, 7r(r, A). Since 
u[2\ = t[n + l], also holds {v{gi), . . . ,v(gn),id/^) G FT(v5(gi, £>„)). 
Hence, by the IH, 9Jt, A <p(f?i, . . . ,gn). By the truth definition, 
M,r Ih^ (7r)(/7(ei, . . . ,£»„). 

• Case 3g (^(gii, . . . , p„): Let [/ be the query FT{ip{g, pi, . . . , The in- 
ductive hypothesis states 9Jl, F lh„ (^(gi, pi, . . . , gn) iff {v{g), v{gi), . . . , v{gn), i) G 

^ : Assume that 9Jl, F lh„ 3g Lp{gi, . . . , gn). 

By definition of 3, 9Jl,F IK, . . . , e„) for some d G Pjl. 

By the IH, for some d £ VT{g), {d,v{gi), . . . ,v{gn),i) G U{lm)- Hence 
{v{gi), . . .,v{gn),i) G 'K2,...,n+2FT{ip{g, pi, . . . , gn))(Jm)- 

<= : Assume that {v{gi), . . . ,v{gn),i) G ■K2,...,n+2FT{(p{g, gi, . . . , ei„))(Iim)- 
For the sake of contradition, suppose that 97t, F Ih,, ^g (p{gi, . . . , gn)- By 
definition [m OT, F ip[g/d]{gi, . . . , gn) for some d G X>o. By the IH 
and dual, for no d G Vo, {d,v{gi), . . . ,v{gn),i) G [/(Ian)- Hence for all 
d e I?o, {d,v{gi),...,v{gn),i) ^ U{lm) and hence (w(ei), ...,«(£»„), i) 
^ 7r2,...,n-i-2-FT((p(p, pi, . . . , gi„))(lOT). But this is a contradiction, so 
9Jl,r 3g ip{gi, . . . , £i„). 

• Case V^i ip{gi, . . . , gn)- Let t/ be the query FT{ip{g, gi, . . . , gn)) and let A 
be the query VT{g) x 7r2,...,„+2C/- The inductive hypothesis states OJl, F Ih^ 
(p{g, gi,---,gn) iff {z;(£i), ^(fi*!), ...,«(£»„), i) G C/(Iot)- 

•^Replace with Dc if £) is a concept variable. 
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^ : Assume that 971, F Wg • ■ • , Qn)- 

By definition of V, OT, T lh.„ ip[g/d]{gi, . . . , g„) for all d G vE- 
Hence, by the IH, for aU d G T>o, {d,v{gi), . . . ,v{gn),i) G C/(Iot) (*)• 
It is now easy to see that ^(Iot) — U{Im)- Hence {A — U){Im) = 0. 
Hence n2,...,n+2U - 7r2,...,„+2(A) - U){Im) = 7r2,...,„+2C/(lOT)- Since (*), 

{v{gi), v{gn), i) G 'K2,...,n+2U-TT2,...,n+2{{VT{g)XTT2.,...,n+2U)-U)(J.w) 

By definitionSSl {v{gi), . . . ,v{gn),i) G FT{\/g ip{gi, . . . , gn)){lm) 

: Assume that {v{gi), . . . ,v{gn),i) G FTiVg (p{gi, . . . , gn))(lm)- By 
definition [321 {v{gi), ■ ■ ■ ,v{gn),i) G U — '^2,...,n+2{{VT{g) X 

'^2,....n+2U) — U){1^). For the sake of contradiction, suppose that 
371, r l/i, Vp (p{gi, . . . , gn)- By definition 12.91 there exists a c? G 
Do such that v{g) = d and 371, F (p{g, gi, . . . , gn). By the IH, 
(v{g),v{gi),...,v{gn),i) ^ U(Im)- Hence {v{g),v{gi), . . . ,vign),i) G 
(A - U)(Im) and hence (^(ei), . . .,vign),i) G 7r2,...,„+2(A - U){lm)- and 
hence . . . ,v{gn),i) ^ U — Tr2,...,7i+2{{VT{g) x 7r2,...,n+2J7) — 

[/)(l5rn) which is a contradiction. Therefore 371, F Vp ■ • ■ i ^?")■ 

• Case (Xg.ip)(t){gi, . . . , e„): 

Assume that 371, F {Xg.Lp){t){gi, . . . , 

By the truth definition, this holds iff 371, F W-y (p[g/d] where d — {v * 
T){t,r). In other words, 371, F !!-„/ ip where v' is v except v'{g) — {v * 
J)(i,F) (*). 

By the IH and because 37t, F Ih^,/ ip, this holds iff (v' (gi) , . . . , v' (gn)) G 
FT{ip{gi, . . . , gn)){lwi) (*^)- Since in subformula ip, g is an un- 
bound variable, by definition 14.21 item 2b, FT(ip(g, gi, . . . , gn)) = 
VT{g)xFT{ip{gi, . . . , g„)). Thus holds iff {v'{g), v'{gi), . . . , v'ign)) G 
FT{ip[g, gi, . . . , gn))(Lm) foi' any arbitrary valuation v' of g. Since 

(*), this holds iff {v' {g),v' (gi), . . . ,v' (gn) G TTl,...,n+2Cr{l=n+3An+2=n+4) 

{FT{ip{g, gi, . . . , gn)) x TTTT{t),i'Sta){If)ji) (*^)- The last step explained: 
ri + 2 = n + 4isa join condition on the state identifiers: select only tuples 
with matching states. The condition 1 = n + 3 ensures that v'{g) is equal 
to attribute with index TT{t), which by definition 14.21 item Ic, is In 
other words, only records are selected where v'{g) is equal to the value 
of attribute in Sta. By definition 14.11 item 8, this means that if and 
only if v'{g) = (v' *X)(t,F), the tuple is present in the query image. 

Finally, because v' is v except v'{g) — {v *X){t,r) and by definition 14. 2|, 
holds iff (vig,), . . . , v{gn)) G FT{{Xg.ip){t){gu . . . , gn))ilwi). 

□ 

''Replace with T>c if £) is a concept variable. 
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